<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
    <title>ActionDispatch::Cookies</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <link rel="stylesheet" href="../../css/reset.css" type="text/css" media="screen" />
<link rel="stylesheet" href="../../css/main.css" type="text/css" media="screen" />
<link rel="stylesheet" href="../../css/github.css" type="text/css" media="screen" />
<script src="../../js/jquery-1.3.2.min.js" type="text/javascript" charset="utf-8"></script>
<script src="../../js/jquery-effect.js" type="text/javascript" charset="utf-8"></script>
<script src="../../js/main.js" type="text/javascript" charset="utf-8"></script>
<script src="../../js/highlight.pack.js" type="text/javascript" charset="utf-8"></script>

</head>

<body>     
    <div class="banner">
        
            <span>Ruby on Rails v4.0.0</span><br />
        
        <h1>
            <span class="type">Class</span> 
            ActionDispatch::Cookies 
            
                <span class="parent">&lt; 
                    
                    <a href="../Object.html">Object</a>
                    
                </span>
            
        </h1>
        <ul class="files">
            
            <li><a href="../../files/actionpack/lib/action_dispatch/middleware/cookies_rb.html">actionpack/lib/action_dispatch/middleware/cookies.rb</a></li>
            
        </ul>
    </div>
    <div id="bodyContent">
        <div id="content">
  
    <div class="description">
      
<p>Cookies are read and written through ActionController#cookies.</p>

<p>The cookies being read are the ones received along with the request, the
cookies being written will be sent out with the response. Reading a cookie
does not get the cookie object itself back, just the value it holds.</p>

<p>Examples of writing:</p>

<pre># Sets a simple session cookie.
# This cookie will be deleted when the user's browser is closed.
cookies[:user_name] = &quot;david&quot;

# Assign an array of values to a cookie.
cookies[:lat_lon] = [47.68, -122.37]

# Sets a cookie that expires in 1 hour.
cookies[:login] = { value: &quot;XJ-122&quot;, expires: 1.hour.from_now }

# Sets a signed cookie, which prevents users from tampering with its value.
# The cookie is signed by your app's &lt;tt&gt;config.secret_key_base&lt;/tt&gt; value.
# It can be read using the signed method &lt;tt&gt;cookies.signed[:name]&lt;/tt&gt;
cookies.signed[:user_id] = current_user.id

# Sets a &quot;permanent&quot; cookie (which expires in 20 years from now).
cookies.permanent[:login] = &quot;XJ-122&quot;

# You can also chain these methods:
cookies.permanent.signed[:login] = &quot;XJ-122&quot;</pre>

<p>Examples of reading:</p>

<pre class="ruby"><span class="ruby-identifier">cookies</span>[:<span class="ruby-identifier">user_name</span>]    <span class="ruby-comment"># =&gt; &quot;david&quot;</span>
<span class="ruby-identifier">cookies</span>.<span class="ruby-identifier">size</span>           <span class="ruby-comment"># =&gt; 2</span>
<span class="ruby-identifier">cookies</span>[:<span class="ruby-identifier">lat_lon</span>]      <span class="ruby-comment"># =&gt; [47.68, -122.37]</span>
<span class="ruby-identifier">cookies</span>.<span class="ruby-identifier">signed</span>[:<span class="ruby-identifier">login</span>] <span class="ruby-comment"># =&gt; &quot;XJ-122&quot;</span>
</pre>

<p>Example for deleting:</p>

<pre>cookies.delete :user_name</pre>

<p>Please note that if you specify a :domain when setting a cookie, you must
also specify the domain when deleting the cookie:</p>

<pre>cookies[:name] = {
  value: 'a yummy cookie',
  expires: 1.year.from_now,
  domain: 'domain.com'
}

cookies.delete(:name, domain: 'domain.com')</pre>

<p>The option symbols for setting cookies are:</p>
<ul><li>
<p><code>:value</code> - The cookie's value or list of values (as an array).</p>
</li><li>
<p><code>:path</code> - The path for which this cookie applies. Defaults to
the root of the application.</p>
</li><li>
<p><code>:domain</code> - The domain for which this cookie applies so you can
restrict to the domain level. If you use a schema like <a
href="http://www.example.com">www.example.com</a> and want to share session
with user.example.com set <code>:domain</code> to <code>:all</code>. Make
sure to specify the <code>:domain</code> option with <code>:all</code>
again when deleting cookies.</p>

<pre>domain: nil  # Does not sets cookie domain. (default)
domain: :all # Allow the cookie for the top most level
                  domain and subdomains.</pre>
</li><li>
<p><code>:expires</code> - The time at which this cookie expires, as a Time
object.</p>
</li><li>
<p><code>:secure</code> - Whether this cookie is only transmitted to HTTPS
servers. Default is <code>false</code>.</p>
</li><li>
<p><code>:httponly</code> - Whether this cookie is accessible via scripting or
only HTTP. Defaults to <code>false</code>.</p>
</li></ul>

    </div>
  


  


  
  


  
    <!-- Namespace -->
    <div class="sectiontitle">Namespace</div>
    <ul>
      
        <li>
          <span class="type">MODULE</span>
          <a href="Cookies/ChainedCookieJars.html">ActionDispatch::Cookies::ChainedCookieJars</a>
        </li>
      
        <li>
          <span class="type">MODULE</span>
          <a href="Cookies/VerifyAndUpgradeLegacySignedMessage.html">ActionDispatch::Cookies::VerifyAndUpgradeLegacySignedMessage</a>
        </li>
      
    </ul>
  


  
    <!-- Method ref -->
    <div class="sectiontitle">Methods</div>
    <dl class="methods">
      
        <dt>C</dt>
        <dd>
          <ul>
            
              
              <li>
                <a href="Cookies.html#method-i-call">call</a>
              </li>
            
          </ul>
        </dd>
      
        <dt>N</dt>
        <dd>
          <ul>
            
              
              <li>
                <a href="Cookies.html#method-c-new">new</a>
              </li>
            
          </ul>
        </dd>
      
    </dl>
  

  



  

    

    

    
      <!-- Section constants -->
      <div class="sectiontitle">Constants</div>
      <table border='0' cellpadding='5'>
        
          <tr valign='top'>
            <td class="attr-name">HTTP_HEADER</td>
            <td>=</td>
            <td class="attr-value">&quot;Set-Cookie&quot;.freeze</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"></td>
            </tr>
          
        
          <tr valign='top'>
            <td class="attr-name">GENERATOR_KEY</td>
            <td>=</td>
            <td class="attr-value">&quot;action_dispatch.key_generator&quot;.freeze</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"></td>
            </tr>
          
        
          <tr valign='top'>
            <td class="attr-name">SIGNED_COOKIE_SALT</td>
            <td>=</td>
            <td class="attr-value">&quot;action_dispatch.signed_cookie_salt&quot;.freeze</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"></td>
            </tr>
          
        
          <tr valign='top'>
            <td class="attr-name">ENCRYPTED_COOKIE_SALT</td>
            <td>=</td>
            <td class="attr-value">&quot;action_dispatch.encrypted_cookie_salt&quot;.freeze</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"></td>
            </tr>
          
        
          <tr valign='top'>
            <td class="attr-name">ENCRYPTED_SIGNED_COOKIE_SALT</td>
            <td>=</td>
            <td class="attr-value">&quot;action_dispatch.encrypted_signed_cookie_salt&quot;.freeze</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"></td>
            </tr>
          
        
          <tr valign='top'>
            <td class="attr-name">SECRET_TOKEN</td>
            <td>=</td>
            <td class="attr-value">&quot;action_dispatch.secret_token&quot;.freeze</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"></td>
            </tr>
          
        
          <tr valign='top'>
            <td class="attr-name">SECRET_KEY_BASE</td>
            <td>=</td>
            <td class="attr-value">&quot;action_dispatch.secret_key_base&quot;.freeze</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"></td>
            </tr>
          
        
          <tr valign='top'>
            <td class="attr-name">MAX_COOKIE_SIZE</td>
            <td>=</td>
            <td class="attr-value">4096</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"><p><a href="Cookies.html">Cookies</a> can typically store 4096 bytes.</p></td>
            </tr>
          
        
          <tr valign='top'>
            <td class="attr-name">CookieOverflow</td>
            <td>=</td>
            <td class="attr-value">Class.new StandardError</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"><p>Raised when storing more than 4K of session data.</p></td>
            </tr>
          
        
      </table>
    


    


    <!-- Methods -->
    
      <div class="sectiontitle">Class Public methods</div>
      
        <div class="method">
          <div class="title method-title" id="method-c-new">
            
              <b>new</b>(app)
            
            <a href="Cookies.html#method-c-new" name="method-c-new" class="permalink">Link</a>
          </div>
          
          
            <div class="description">
              
            </div>
          
          
          
          
          
            
            <div class="sourcecode">
              
              <p class="source-link">
                Source: 
                <a href="javascript:toggleSource('method-c-new_source')" id="l_method-c-new_source">show</a>
                
                  | <a href="https://github.com/rails/rails/blob/943596cb6eb1dfcd70d353f5c53418b0d361c629/actionpack/lib/action_dispatch/middleware/cookies.rb#L481" target="_blank" class="github_url">on GitHub</a>
                
              </p>
              <div id="method-c-new_source" class="dyn-source">
                <pre><span class="ruby-comment"># File actionpack/lib/action_dispatch/middleware/cookies.rb, line 481</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword ruby-title">initialize</span>(<span class="ruby-identifier">app</span>)
  <span class="ruby-ivar">@app</span> = <span class="ruby-identifier">app</span>
<span class="ruby-keyword">end</span></pre>
              </div>
            </div>
            
          </div>
                  
      <div class="sectiontitle">Instance Public methods</div>
      
        <div class="method">
          <div class="title method-title" id="method-i-call">
            
              <b>call</b>(env)
            
            <a href="Cookies.html#method-i-call" name="method-i-call" class="permalink">Link</a>
          </div>
          
          
            <div class="description">
              
            </div>
          
          
          
          
          
            
            <div class="sourcecode">
              
              <p class="source-link">
                Source: 
                <a href="javascript:toggleSource('method-i-call_source')" id="l_method-i-call_source">show</a>
                
                  | <a href="https://github.com/rails/rails/blob/943596cb6eb1dfcd70d353f5c53418b0d361c629/actionpack/lib/action_dispatch/middleware/cookies.rb#L485" target="_blank" class="github_url">on GitHub</a>
                
              </p>
              <div id="method-i-call_source" class="dyn-source">
                <pre><span class="ruby-comment"># File actionpack/lib/action_dispatch/middleware/cookies.rb, line 485</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword ruby-title">call</span>(<span class="ruby-identifier">env</span>)
  <span class="ruby-identifier">status</span>, <span class="ruby-identifier">headers</span>, <span class="ruby-identifier">body</span> = <span class="ruby-ivar">@app</span>.<span class="ruby-identifier">call</span>(<span class="ruby-identifier">env</span>)

  <span class="ruby-keyword">if</span> <span class="ruby-identifier">cookie_jar</span> = <span class="ruby-identifier">env</span>[<span class="ruby-string">'action_dispatch.cookies'</span>]
    <span class="ruby-identifier">cookie_jar</span>.<span class="ruby-identifier">write</span>(<span class="ruby-identifier">headers</span>)
    <span class="ruby-keyword">if</span> <span class="ruby-identifier">headers</span>[<span class="ruby-constant">HTTP_HEADER</span>].<span class="ruby-identifier">respond_to?</span>(<span class="ruby-value">:join</span>)
      <span class="ruby-identifier">headers</span>[<span class="ruby-constant">HTTP_HEADER</span>] = <span class="ruby-identifier">headers</span>[<span class="ruby-constant">HTTP_HEADER</span>].<span class="ruby-identifier">join</span>(<span class="ruby-string">&quot;\n&quot;</span>)
    <span class="ruby-keyword">end</span>
  <span class="ruby-keyword">end</span>

  [<span class="ruby-identifier">status</span>, <span class="ruby-identifier">headers</span>, <span class="ruby-identifier">body</span>]
<span class="ruby-keyword">end</span></pre>
              </div>
            </div>
            
          </div>
                    </div>

    </div>
  </body>
</html>    